Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
Docs
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sql injection vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2009-3584
SQL-Ledger 2.8.24 does not set the secure flag for the session cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an http session.
Sql-ledger Sql-ledger 2.8.24
5.5
CVSSv3
CVE-2018-8532
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XMLA file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Ser...
Microsoft Sql Server Management Studio 17.9
Microsoft Sql Server Management Studio 18.0
1 EDB exploit
5.5
CVSSv3
CVE-2018-8527
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XEL file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Serv...
Microsoft Sql Server Management Studio 17.9
Microsoft Sql Server Management Studio 18.0
1 EDB exploit
5.5
CVSSv3
CVE-2018-8533
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing malicious XML content containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Ser...
Microsoft Sql Server Management Studio 17.9
Microsoft Sql Server Management Studio 18.0
1 EDB exploit
6.5
CVSSv2
CVE-2010-0147
SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 prior to 5.1.0.117, 5.2 prior to 5.2.0.296, and 6.0 prior to 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Cisco Security Agent 5.1
Cisco Security Agent 5.2
Cisco Security Agent 6.0
6.5
CVSSv2
CVE-2008-4078
SQL injection vulnerability in the AR/AP transaction report in (1) LedgerSMB (LSMB) prior to 1.2.15 and (2) SQL-Ledger 2.8.17 and previous versions allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Ledgersmb Ledgersmb
Sql-ledger Sql-ledger
7.5
CVSSv2
CVE-2002-0982
Microsoft SQL Server 2000 SP2, when configured as a distributor, allows malicious users to execute arbitrary code via the @scriptfile parameter to the sp_MScopyscript stored procedure.
Microsoft Sql Server 2000
1 EDB exploit
9
CVSSv2
CVE-2008-5416
Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and previous versions; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows I...
Microsoft Sql Server 2000
Microsoft Sql Server 2005
3 EDB exploits
1 Github repository
7.5
CVSSv2
CVE-2008-7120
SQL injection vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and previous versions allows remote malicious users to execute arbitrary SQL commands via the news.php parameter.
Mrcgiguy Hot Links Sql-php
1 EDB exploit
7.5
CVSSv2
CVE-2005-1236
Multiple SQL injection vulnerabilities in DUware DUportal 3.1.2 and 3.1.2 SQL allow remote malicious users to execute arbitrary SQL commands via the (1) iChannel parameter to channel.asp or search.asp, (2) iData parameter to detail.asp or inc_rating.asp, (3) iCat parameter to det...
Duware Duportal 3.1.2
Duware Duportal 3.1.2 Sql
4 EDB exploits
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
inject
CVE-2025-51381
IDOR
nvidia
CVE-2025-4123
CVE-2025-2783
CVE-2025-30678
remote attackers
CVE-2025-48443
kcm3100
CVE-2025-6196
tarteaucitron.io
adrian ladó
earch icon">CVE-2023-33538
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »